Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MkLOkrppjrXRglebJjj95T1raiQ.roa
File:                     MkLOkrppjrXRglebJjj95T1raiQ.roa (raw, json)
Hash identifier:          3EuEreSgqBGk4J1homKglfaASkEsqD5IV8HBd6eeDgQ=
Subject key identifier:   32:42:CE:92:BA:69:8E:B5:D1:82:57:9B:26:38:FD:E5:3D:6B:6A:24
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01856EAFCE7CCB916984CA410FEFA06EC612
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MkLOkrppjrXRglebJjj95T1raiQ.roa
Signing time:             Sun 01 Jan 2023 18:54:53 +0000
ROA not before:           Sun 01 Jan 2023 18:54:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207152
IP address blocks:        88.216.186.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:af:ce:7c:cb:91:69:84:ca:41:0f:ef:a0:6e:c6:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  1 18:54:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3242ce92ba698eb5d182579b2638fde53d6b6a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:33:5f:76:cf:1f:45:2e:33:67:c2:e6:6b:91:
                    76:07:fd:60:07:2e:68:76:82:96:1b:91:63:18:20:
                    1d:51:2a:7f:e4:86:48:2e:9b:75:38:a9:23:77:67:
                    7d:02:ba:83:e5:04:49:25:d0:62:eb:a5:1c:02:ad:
                    a2:2a:7e:9b:ea:3c:2d:6c:39:9e:b1:a7:1c:53:7b:
                    e4:de:f4:2b:56:0a:d4:a6:40:b3:52:63:0e:fa:f9:
                    40:10:25:32:36:bf:15:fd:cf:23:3c:71:b6:6a:09:
                    c4:d3:2c:7f:54:b4:4a:90:21:8a:95:7e:0a:8d:cc:
                    4c:0b:1f:46:ad:e8:e3:6a:b9:b7:90:26:60:54:c6:
                    0b:04:7e:21:c6:10:1c:2f:48:78:45:7c:03:fc:be:
                    d8:b1:f5:b4:48:02:89:10:54:d5:98:e9:98:85:84:
                    e9:6f:64:4d:5e:b1:1c:c3:cc:76:20:12:14:16:35:
                    44:7c:f9:e4:84:6b:16:53:cc:b3:61:3a:59:4a:0a:
                    9d:0e:09:c4:5e:d5:32:72:ff:04:f2:98:dd:2f:a7:
                    65:21:db:08:1d:ab:03:d8:0f:fb:15:c6:ce:55:6b:
                    77:e3:67:6f:06:d7:21:19:fd:ea:f3:85:53:f8:5d:
                    a6:2a:68:a1:d0:aa:78:61:5a:45:6c:3e:9f:e7:93:
                    60:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:42:CE:92:BA:69:8E:B5:D1:82:57:9B:26:38:FD:E5:3D:6B:6A:24
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MkLOkrppjrXRglebJjj95T1raiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4b:8c:d0:cc:40:da:41:4c:bc:aa:d2:b2:b0:d6:92:27:cb:f9:
         af:66:53:0d:93:10:a7:6f:72:0b:3c:9b:f4:ad:06:64:fb:d7:
         4f:14:5d:cb:c6:e8:a9:d8:4f:42:8b:70:da:e3:a1:2f:25:07:
         58:17:09:ea:cf:bf:cc:00:c9:2b:e3:a9:a1:44:34:71:13:07:
         f2:4a:ae:ce:41:36:88:f1:1e:85:bc:c0:7c:d2:96:69:a9:c2:
         7b:4b:c0:60:e7:2a:14:fa:f8:51:bd:2d:cd:02:23:1e:82:c1:
         c2:d3:e8:9b:2e:6f:75:db:87:08:61:fb:22:ab:98:f2:51:50:
         d3:41:34:c9:5f:39:0d:c1:d8:bc:44:24:67:69:f3:b6:7a:e0:
         2f:bf:b7:b4:62:b3:f5:83:42:ab:ef:45:da:bd:ec:0e:be:65:
         1d:ae:9b:2b:c0:52:71:7c:8f:e5:87:d7:23:97:aa:0f:7e:fd:
         90:2d:65:a5:cc:2d:aa:14:e7:f6:6a:2a:b9:00:c6:19:10:08:
         e3:30:ac:cb:8a:4d:69:a1:ff:a5:d4:a6:2d:e6:d7:e4:18:e2:
         4b:ce:49:e9:93:25:81:1e:f9:01:37:c2:37:5f:ce:d0:46:a6:
         70:3e:b8:9d:4f:25:5e:14:6f:49:1a:f3:93:36:9d:dd:6d:dd:
         2d:2e:f8:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur858y5FphMpBD++gbsYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQyY2U5MmJhNjk4ZWI1ZDE4MjU3OWIyNjM4ZmRlNTNkNmI2YTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jNfds8fRS4zZ8Lma5F2B/1gBy5o
doKWG5FjGCAdUSp/5IZILpt1OKkjd2d9ArqD5QRJJdBi66UcAq2iKn6b6jwtbDme
saccU3vk3vQrVgrUpkCzUmMO+vlAECUyNr8V/c8jPHG2agnE0yx/VLRKkCGKlX4K
jcxMCx9Grejjarm3kCZgVMYLBH4hxhAcL0h4RXwD/L7YsfW0SAKJEFTVmOmYhYTp
b2RNXrEcw8x2IBIUFjVEfPnkhGsWU8yzYTpZSgqdDgnEXtUycv8E8pjdL6dlIdsI
HasD2A/7FcbOVWt342dvBtchGf3q84VT+F2mKmih0Kp4YVpFbD6f55NgywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJCzpK6aY610YJXmyY4/eU9a2okMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTWtMT2tycHBqclhSZ2xlYkpqajk1VDFyYWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNi6MA0G
CSqGSIb3DQEBCwUAA4IBAQBLjNDMQNpBTLyq0rKw1pIny/mvZlMNkxCnb3ILPJv0
rQZk+9dPFF3Lxuip2E9Ci3Da46EvJQdYFwnqz7/MAMkr46mhRDRxEwfySq7OQTaI
8R6FvMB80pZpqcJ7S8Bg5yoU+vhRvS3NAiMegsHC0+ibLm9124cIYfsiq5jyUVDT
QTTJXzkNwdi8RCRnafO2euAvv7e0YrP1g0Kr70XavewOvmUdrpsrwFJxfI/lh9cj
l6oPfv2QLWWlzC2qFOf2aiq5AMYZEAjjMKzLik1pof+l1KYt5tfkGOJLzknpkyWB
HvkBN8I3X87QRqZwPridTyVeFG9JGvOTNp3dbd0tLvgl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org